745d2c98f9467f1befb7ec3a6c485333d4f1b437 |
|
13-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Remove implementation of deprecated RecoveryController methods. Bug: 78021839 Test: manual Change-Id: I8a8a23f1cc14e7b9ffe1e758b6f35906d1a5cf2f
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
3990ee1c9fcd8f801220edec94e6bef3009809b5 |
|
11-Apr-2018 |
Jeff Sharkey <jsharkey@android.com> |
Clean up APIs before declaring API 28. As part of finalizing an SDK, we need to ensure that no new APIs are marked @Deprecated, since they're typically cleanup that someone forgot to finish. Someone forgot to replace Slice.getTimestamp() with Slice.getLong(). Bug: 77588754 Test: builds, boots Exempt-From-Owner-Approval: SDK finalization Change-Id: Ic0ec91a43d161a69c1e840c42046ad500b7aeca0
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
b95c90ce2d10a93c680b2ddbdf7ad61feb3abf5a |
|
10-Apr-2018 |
Bo Zhu <bozhu@google.com> |
Add an API to check whether the recoverable keystore is enabled Bug: 77690455 Test: It builds Change-Id: I94be0e341d8a3e0fa9a5f9af8beda60e08a449e8
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
4147a83ae5709bdb22986b49798f05488e4579f1 |
|
06-Apr-2018 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Revert "Remove deprecated RecoveryController API."" into pi-dev
|
c157e21249b01cca18e6712d69c719f245db51a7 |
|
06-Apr-2018 |
Robert Berry <robertberry@google.com> |
Revert "Remove deprecated RecoveryController API." This reverts commit 0d55aa387a4ec65899fc82a1391e5533c85c3edb. Reason for revert: aps_sidecar binary is still using some of these @removed APIs. Although HEAD of auth_folsom is fixed, aps_sidecar burned in framework is old. Bug: 77629807 Change-Id: I2f03c7d12de30cc2eebd91bb65646caaa00fcd1d
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
ce70473a89325bbc11f81d0fc530888d8782fbea |
|
04-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Merge "Remove deprecated RecoveryController API." into pi-dev
|
23174b7eaeb93918451c36bbbfad94bafd44bdd6 |
|
03-Apr-2018 |
Aseem Kumar <aseemk@google.com> |
Throw ServiceSpecificException if calling app tries to initialize certificates with lower version. Earlier, the code just returned silently, giving no indication that updating certs failed. Change-Id: I3eb1b9f423791a655b47b3e76c20a170e2b632c0 Bug: 77533356 Test: runtest frameworks-services -p com.android.server.locksettings.recoverablekeystore
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
0d55aa387a4ec65899fc82a1391e5533c85c3edb |
|
02-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Remove deprecated RecoveryController API. 1) Mark all deprecated methods as removed. Bug: 74944591 Test: atest RecoveryControllerHostTest Change-Id: I2dd88d2ba0b9fb254327ee85b9d983ab10eb061b
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
0f23660488737dfd901365edcc0be9c000ebc5a9 |
|
03-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Revert "Throw invalid cert exception when deprecated initRecoveryService method" This reverts commit 50bc7e42d73c9ca8d77dcd538619c6d6eeaf6dea. Reason for revert: API is still used by old binary Change-Id: I3c8348211baa26245786abda6360a8df96e2d223 Bug: 77293264
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
50bc7e42d73c9ca8d77dcd538619c6d6eeaf6dea |
|
31-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Throw invalid cert exception when deprecated initRecoveryService method is used. Throw unsupported operation exception when older version of RecoveryController is used. Bug: 77293264 Test: atest RecoveryControllerHostTest Change-Id: I0003104a4305444fac0092f4f6929545cf7c9413
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
41d2dd2f266eb8dc50afcda253f04f1c7e9ccc0e |
|
30-Mar-2018 |
Bo Zhu <bozhu@google.com> |
Expose e.getMessage() from the exceptions in RecoverableKeyStore Bug: 77327780 Test: runtest frameworks-services -p \ com.android.server.locksettings.recoverablekeystore Change-Id: Ibf04d6405e6468bfdfef0a8cb8e6e96bffbbf3a2
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
912853be102cc854f77d25f0946f4e6435b100b9 |
|
30-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Merge "Remove deprecated generateAndStoreKey method implementation" into pi-dev
|
93f38d7b3a5bda2bd9bcc7def67936370b40e306 |
|
29-Mar-2018 |
Robert Berry <robertberry@google.com> |
Update RecoveryController JavaDoc Try to encode as many requirements as possible into the Recovery Agent JavaDoc. Bug: 70900575 Test: None, it is documentation Change-Id: Iae05be24fa29d885f560943f256fd8d7ca692cf7
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
86f5bb1a8cfe2d169767fb723d315955dda3a0e6 |
|
28-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Remove deprecated generateAndStoreKey method implementation Bug: 77156834 Test: GTS, apct. Change-Id: I23791fced21308467afc60cc16efc4aee7074134
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
16d9db57f513eb13eeb2486d2d4770f59faf5550 |
|
26-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Use Builder instead for KeyChainProtectionParams. Use Builder to create KeyChainSnapshot it tests. Bug: 75952916 Test: apct Change-Id: I5ab8c864a7ccc55dafa40867ec4364a705738d86
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
0bbaf189c259f7d3154737c4284023921dc821b0 |
|
24-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Add more NonNull annotations to RecoveryController API Bug: 73959762 Test: none Change-Id: I648c20a099d4ac1c002f4f467d7189a8bc019560
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
73b7722c13ecc8eaf1d6439e4537cb7e10f53405 |
|
23-Mar-2018 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Do not throw KeystoreException for when a key does not exist" into pi-dev
|
364dbf1c9e695e339508fda9184fba797ed5491a |
|
23-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Merge "Update RecoverableKeyStoreManager methods to throw NullPointerException when null is passed as @NonNull argument." into pi-dev
|
72f5755721ad22d4711e9e9cc8ef6107db91466a |
|
23-Mar-2018 |
Robert Berry <robertberry@google.com> |
Do not throw KeystoreException for when a key does not exist Bug: 75955240 Test: manual Change-Id: Ibd2f4d7cd654752b69d2d22e803d4d1cc05c118f
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
933dfc1cd6041d1e77d169be91818d5b31e36edc |
|
23-Mar-2018 |
Aseem Kumar <aseemk@google.com> |
Delete unimplemented APIs from RecoveryController. Bug: 74859770 Test: make update-api builds Change-Id: Ic547e0ee2ef13995389a71369ffa736a7d83b78a
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
1e6a9dcecb92b4a9a8d3c60372821ba7cd830873 |
|
21-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Update RecoverableKeyStoreManager methods to throw NullPointerException when null is passed as @NonNull argument. Mark serverParams as nullable. Null value can be used to prevent new snapshots creation. Bug: 73959762 Test: Test: adb shell am instrument \ -w -e package com.android.server.locksettings.recoverablekeystore \ com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I5c6ddd696b2882b3d27978b0146ff419bedaf5ee
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
c6bd1855656168119ab4ac62cbf0e7930551e846 |
|
22-Mar-2018 |
Robert Berry <robertberry@google.com> |
Merge "Unhide RecoveryController#getRootCertificates()" into pi-dev
|
93d002ca5f94facfec75359999c910f914d7b7c4 |
|
21-Mar-2018 |
Robert Berry <robertberry@google.com> |
Unhide RecoveryController#getRootCertificates() This is so we can add a GTS test to affirm that GMS devices include the Google Cloud Key Vault root certificate. Test: runtest frameworks-core -p android.security.keystore.recovery Bug: 74621045 Change-Id: Ib6431f5739f3dff066832e6aa300dd9da5bc0727
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
c5ab69469d53ffc5b55e91c5374da8b03dd4661c |
|
21-Mar-2018 |
Bo Zhu <bozhu@google.com> |
Small fix for the key grant alias used in importKey Bug: 74345822 Test: atest RecoveryControllerHostTest#testImportKey_ValidKey Change-Id: I54812b3d7465ee508fe48886f5897470fe7455a0
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
4a5c87def075c805d4fcae7ff01dd2e78ec27b1a |
|
19-Mar-2018 |
Robert Berry <robertberry@google.com> |
Add RecoverySession importKeyChainSnapshot method This imports the keys directly into the keystore of LockSettingsService, allowing them to be accessed via the RecoveryController getKey method. This is better as it does not expose raw key material to any app. Bug: 74345822 Test: runtest frameworks-services -p \ com.android.server.locksettings.recoverablekeystore Change-Id: I4991b0cff1d2fa2e5bd0b53a71c096499e93e98b
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
c1742e51378c3ec99a0e5df14dc0c77bcca0d16a |
|
12-Mar-2018 |
Aseem Kumar <aseemk@google.com> |
Unhide getKey() and importKey() and the whole class of RecoveryController. Added @RequiresPermission(android.permission.RECOVER_KEYSTORE) on all public APIs of RecoveryController. Bug: 73900159 Test: adb shell am instrument -w -e package \ com.android.server.locksettings.recoverablekeystore \ com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I1047c038603869307d7a2462a2e5635fcd1c94c2
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
7f414d94fc4f6bd34325f3865b51e8d11acb52ad |
|
28-Feb-2018 |
Bo Zhu <bozhu@google.com> |
Check the public-key signature of the whole certificate file before accepting the certificates This change requires an additional param to the initRecoveryService() API to take in the public-key signature. Bug: 73904566 Test: adb shell am instrument -w -e package \ com.android.server.locksettings.recoverablekeystore \ com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I2aeead1fda51b6cd8df71ed3b5066342ebc8d5ea
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
5240541e0173116bf0a088241057ad2e63fc9113 |
|
28-Feb-2018 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Remove @removed from APIs still in use"
|
5af199c56e2723f0eb98027644a1e3486f22ef18 |
|
28-Feb-2018 |
Robert Berry <robertberry@google.com> |
Remove @removed from APIs still in use I completely misunderstood this annotation. Bug: 73962883 Test: ran unit tests Change-Id: Id3e3863fc6fd1e0614a3c75d25cd35239667eaf0
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
2c8e5383c836d2dfa39b0be6bfa281285667a880 |
|
27-Feb-2018 |
Bo Zhu <bozhu@google.com> |
Add a new API to import a key provided by the caller, such that this key can also be synced to the remote service This API may be useful for backward-compatibility work, e.g., recovering a key that's backed up in Android Q+ to Android P without updating the Android P Frameworks code. This API may also be useful for other use cases. Bug: 73785182 Change-Id: I1022dffb6a12bdf3df2022db5739169fcc9347d2 Test: adb shell am instrument -w -e package \ com.android.server.locksettings.recoverablekeystore \ com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
beafcb50d4f963421bac7e84a4f47f68a8b5e4b6 |
|
26-Feb-2018 |
Robert Berry <robertberry@google.com> |
Fix minor documentation issues in RecoveryController Test: none, just doc updates Change-Id: I7d2152f788a65162d72dbd9970230a9a07034014
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
a3b994798d870244f11b56ae0bdfb870924402a8 |
|
23-Feb-2018 |
Robert Berry <robertberry@google.com> |
Remove account param from generateKey method Bug: 73811828 Test: runtest frameworks-services -p com.android.server.locksettings.recoverablekeystore Change-Id: If2f4174beea9cfb8c852139a7594815c377dbe7a
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
f34ad9509df18aff1f36123b839c62003216245c |
|
25-Feb-2018 |
Robert Berry <robertberry@google.com> |
Merge "Remove packageName from getRecoveryStatus"
|
01468dae197a2b8d5d6e836d92c6582abf81f425 |
|
23-Feb-2018 |
Robert Berry <robertberry@google.com> |
Merge "Make it possible to construct a RecoverySession"
|
56f06b4d111f99f72d4232b43037fea2f6246e7d |
|
23-Feb-2018 |
Robert Berry <robertberry@google.com> |
Remove packageName from getRecoveryStatus This parameter is unused. Bug: 73757432 Test: runtest frameworks-services -p com.android.server.locksettings.recoverablekeystore Change-Id: I153a84d71b0ebaed8ce3a1f0f33c70036dd960b2
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
e04e09ad87c218e1ddb66ac78e95af66cb0452ff |
|
22-Feb-2018 |
Robert Berry <robertberry@google.com> |
Make it possible to construct a RecoverySession These methods are currently inaccessible. Bug: 73763265 Test: it builds Change-Id: I8358a8084e1c4fa96b1fe599ef6b17d6196d6a12
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
bbe02ae8a3dd07989d61bbb739bfd863123c5489 |
|
20-Feb-2018 |
Robert Berry <robertberry@google.com> |
Remove package name parameter from setRecoveryStatus Package name is implicit. Recovery agent can only act for the same uid. Bug: 73757432 Test: runtest frameworks-services -p com.android.server.locksettings.recoverablekeystore Change-Id: I45abf4b956fa4e97d981614d9e61295e85d5669e
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
29b9de5b8a9b38290c2855890ae1f7a93c0b8421 |
|
01-Feb-2018 |
Dmitry Dementyev <dementyev@google.com> |
Update RecoveryController to use KeyStore grant API. Missing parts: 1) Whitelist locksettingsservice to use grant API. 2) Probably have similar update for recovered keys - they will live in system service and RecoveryAgent will use getKey() method to access them. 3) ApplicationKeyStorageTest Bug: 66499222 Test: adb shell am instrument -w -e package \ com.android.server.locksettings.recoverablekeystore \ com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I584b89e3f777bed679b2eb5173750f3f1dee3635
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
b4fb98777006bc3c2bb038d50473663fbc92932c |
|
26-Jan-2018 |
Dmitry Dementyev <dementyev@google.com> |
Rename RecoveryController.getRecoveryData() to getKeyChainSnapshot. Bug: 72299798 Test: adb shell am instrument -w -e package com.android.server.locksettings.recoverablekeystore com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I1a530414d255867786142fa2e01e50469379e295
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
f8ae5deba2911b7bc8441df31c0504eaaa687add |
|
09-Jan-2018 |
Dmitry Dementyev <dementyev@google.com> |
Unhide RecoverableKeyStoreLoader API. Bug: 66499222 Test: GTS tests under development Change-Id: I4285beaa26bc94d92f6213a34eb1e41ad0994d7a
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
0916e7ca44aba5e6c89d75007da805697fdace9e |
|
23-Jan-2018 |
Dmitry Dementyev <dementyev@google.com> |
Prepare KeyStore RecoveryController API for review. - set/get recovery status simplification - adding account to WrappedKey - moving recovery methods to the Session class. There are small cosmetical changes to .aidl which don't affect implementation logic. Bug: 72299798 Test: adb shell am instrument -w -e package com.android.server.locksettings.recoverablekeystore com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I9efaa4cde42cf778bb97ed13f62750a65d8c6cb5
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|
81ee34bf957dffe020442e3f0c6c06817397ebf0 |
|
23-Jan-2018 |
Robert Berry <robertberry@google.com> |
Move APIs to final location in preparation for API review Leave old APIs in current location for backwards compatibility reasons. Bug: 72298565 Test: Tried flow with current versions of GMSCore to ensure they work still Change-Id: Iafc2b8ad8a574460dbb2482a67935debe71f1113
/frameworks/base/core/java/android/security/keystore/recovery/RecoveryController.java
|